<?php 

require_once 'db_config.php';
$db = new mysqli(DB_HOST,DB_USER,DB_PASSWORD,DB_DATABASE);

if(isset($_GET['ticket_id']) && isset($_GET['authcode']) && isset($_GET['user'])) { // if there are no inputs, it's a NEW TICKET
	$user=$_GET['user'];
	$ticket_id=$_GET['ticket_id'];
	$authcode=$_GET['authcode'];

	// get all data for this ticket
	$query="SELECT * FROM ticket_state WHERE ticket_id=$ticket_id ORDER BY state_id";	
	$result=mysqli_query($db,$query) or die("Error retrieving ticket $ticekt_id from database.");
	$tickets=array();
	while($tickets[]=mysqli_fetch_assoc($result)) {}
	unset($tickets[count($tickets)-1]);
	mysqli_free_result($result);
	
	$currentTicket=$tickets[count($tickets)-1];
	unset($tickets[count($tickets)-1]);

	// verifty auth code.
	$user==$currentTicket['creator'] || $user==$currentTicket['handler'] or die("You aren't authorized to see/modify this ticket.");
	$realAuthCode=sha1('caca'.$ticket_id.$user);
	$realAuthCode==$authcode or die("Auth codes don't match");

	// create list of available states from this user
	$states=array();
	if($user==$currentTicket['handler']) {
		switch($currentTicket['state']) {
			case "transferred":
			case "open":
			case "reopened":
				$states[]="solution offered";
				$states[]="need info";
				$states[]="working on";
				$states[]="transferred";
				$states[]="canceled";
				break;
			case "solution offered":
				$states[]="need info";
				$states[]="working on";
				$states[]="transferred";
				$states[]="canceled";
				break;
			case "need info":
				$states[]="solution offered";
				$states[]="working on";
				$states[]="transferred";
				$states[]="canceled";
				break;
			case "working on":
				$states[]="solution offered";
				$states[]="need info";
				$states[]="transferred";
				$states[]="canceled";
				break;
			case "canceled":
				$states[]="archived";
				break;
			case "closed":
				$states[]="archived";
				break;
			case "archived":
				break;
		}
	} else if($user==$currentTicket['creator']) {
			switch($currentTicket['state']) {
			case "open":
				$states[]="closed";
				break;
			case "transferred":
				$states[]="closed";
				break;
			case "solution offered":
				$states[]="reopened";
				$states[]="closed";
				break;
			case "need info":
				$states[]="reopened";
				$states[]="closed";
				break;
			case "reopened":
				$states[]="closed";
				break;
			case "working on":
				$states[]="closed";
				break;
			case "canceled":
				$states[]="reopened";
				break;
			case "closed":
				break;
			case "archived":
				break;
		}

	}

} else {  
	
	$result=mysqli_query($db,"SELECT * FROM question WHERE parent = 0") or die('Error getting parent questions from database.');
	$parents=array();
	while($parents[]=mysqli_fetch_assoc($result)) {}
	unset($parents[count($parents)-1]);
	mysqli_free_result($result);

	$result=mysqli_query($db,"SELECT * FROM question WHERE parent != 0 ORDER BY parent") or die('Error getting questions from database.');
	$rawQuestions=array();
	while($rawQuestions[]=mysqli_fetch_assoc($result)) {}
	unset($rawQuestions[count($rawQuestions)-1]);
	mysqli_free_result($result);

	$questions=array();
	foreach($rawQuestions as $rQues) {
		if(!isset($questions[$rQues['parent']]))
			$questions[$rQues['parent']]=array();
		$questions[$rQues['parent']][]=$rQues;
	}


}
mysqli_close($db);
require_once 'viewTicket.tpl.php';
?>

